subject:"RE\: Route\-map question \(urgent\) \[7\:54910\]"

Re: Route-map question (urgent) [7:54910]

2002-10-04 Thread Chuck's Long Road


what you have will end up sending ALL traffic to . well to nowhere,
since you have no set statement.

--

www.chuckslongroad.info
like my web site?
take the survey!



 wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Greetings,
>
> Need help with a route-map question.  I need to force all http traffic
> to go to 10.10.10.141 address, does my config below allow me to do just
> that?
>
>
> access-list extended 101 permit tcp any host 10.10.10.141 eq 80
> access-list extended 101 permit ip any any
>
> route-map http_traffic permit 10
>  match ip address 101
>
> int fa2/0 (10.10.10.141 address is behind this interface)
> ip policy route-map http_traffic
>
> Thanks...Nabil
>
> "I have never let my schooling interfere with my education."




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=54911&t=54910
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Route-map question (urgent) [7:54910]

2002-10-04 Thread [EMAIL PROTECTED]


The second access-lists statement says to do the action in the route map
with all traffic.

>From what I undertood you do not want that.

> Greetings,
>
> Need help with a route-map question.  I need to force all http
traffic
> to go to 10.10.10.141 address, does my config below allow me to
do just
> that?
>
>
> access-list extended 101 permit tcp any host 10.10.10.141 eq 80
> access-list extended 101 permit ip any any
>
> route-map http_traffic permit 10
>  match ip address 101
>
> int fa2/0 (10.10.10.141 address is behind this interface)
> ip policy route-map http_traffic
>
> Thanks...Nabil
>
> "I have never let my schooling interfere with my
education."




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=54916&t=54910
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Route-map question (urgent) [7:54910]

2002-10-05 Thread ccnp ccnp2002


Hi,

I suggest that you study again about access-lists and route-maps. This is
the best answer to your question because once you go through it again, you
will be fine.

I kindly ask you to spend just a little time and it will be very clear.

Cheers!!


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=54926&t=54910
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Route-map question (urgent) [7:54910]

2002-10-05 Thread YASSER ALY


No, you need to do the follwoing

access-list 101 permit tcp any any eq 80

route-map http_traffic permit 10

match ip address 101

set next-hop 10.10.10.141

route-map nttp_traffic permit 20

!

int fa2/0

ip policy route-map http_traffic

 

>From: "[EMAIL PROTECTED]" >Greetings, > >Need help with a
route-map question. I need to force all http traffic >to go to
10.10.10.141 address, does my config below allow me to do just >that? > >
>access-list extended 101 permit tcp any host 10.10.10.141 eq 80
>access-list extended 101 permit ip any any > >route-map http_traffic
permit 10 > match ip address 101 > >int fa2/0 (10.10.10.141 address is
behind this interface) >ip policy route-map http_traffic >
>Thanks...Nabil > >"I have never let my schooling interfere
misconduct and Nondisclosure violations to [EMAIL PROTECTED]



Join the worlds largest e-mail service with MSN Hotmail. Click Here




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=54928&t=54910
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Route-map question (urgent) [7:54910]

2002-10-06 Thread Greg Reaume


Yasser,

Be careful here...  you don't know if the only segment for which he wants
HTTP redirected is the one connected via fa2/0, there may be more.  Offering
a solution without knowing all his requirements will just lead him into
deeper confusion.


Nabil,

The best way to find your answer is to go and learn this thoroughly for
yourself.  And as always, never put yourself in a position where you are
urgently required to do something you've never done without a lifeline setup
prior to your need.  No manager that I have worked with has ever blamed
someone for saying, "I've never done that before and I'd feel more
comfortable taking some time to understand it".  If the need is that urgent
that there is no time to spare, you should be able to call TAC under your
service contract, right?  :)

Good luck.

Greg Reaume


""YASSER ALY""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
No, you need to do the follwoing

access-list 101 permit tcp any any eq 80

route-map http_traffic permit 10

match ip address 101

set next-hop 10.10.10.141

route-map nttp_traffic permit 20

!

int fa2/0

ip policy route-map http_traffic



>From: "[EMAIL PROTECTED]" >Greetings, > >Need help with a
route-map question. I need to force all http traffic >to go to
10.10.10.141 address, does my config below allow me to do just >that? > >
>access-list extended 101 permit tcp any host 10.10.10.141 eq 80
>access-list extended 101 permit ip any any > >route-map http_traffic
permit 10 > match ip address 101 > >int fa2/0 (10.10.10.141 address is
behind this interface) >ip policy route-map http_traffic >
>Thanks...Nabil > >"I have never let my schooling interfere
misconduct and Nondisclosure violations to [EMAIL PROTECTED]



Join the worlds largest e-mail service with MSN Hotmail. Click Here




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=54975&t=54910
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Route-map question (urgent) [7:54910]

2002-10-06 Thread YASSER ALY


Greg,

  Thank you for what you have said. My suggestions were based on the
scenario that Nabil mentioned. Being the fact that his real life scenario
is different that what he said fall under his attention to consider. It's
just something to give some light for him but you do have a point that he
should read more before considering doing something he never did before.

BTW, is it normal that somebody's postings to the list not to be sent to
his e-mail. Eachtime I send to the list either a question or a reply I
don't get a clue that it has been received until someone like you replies
quoting what I have said,

Regards,

Yasser

>From: "Greg Reaume" >Yasser, > >Be careful here... you don't know if the
only segment for which he wants >HTTP redirected is the one connected via
fa2/0, there may be more. Offering >a solution without knowing all his
requirements will just lead him into >deeper confusion. > > >Nabil, >
>The best way to find your answer is to go and learn this thoroughly for
>yourself. And as always, never put yourself in a position where you are
>urgently required to do something you've never done without a lifeline
setup >prior to your need. No manager that I have worked with has ever
blamed >someone for saying, "I've never done that before and I'd feel
more >comfortable taking some time to understand it". If the need is that
urgent >that there is no time to spare, you should be able to call TAC
under your >service contract, right? :) > >Good luck. > >Greg Reaume > >
>""YASSER ALY"" wrote in message
>[EMAIL PROTECTED]">news:[EMAIL PROTECTED]... >No, you need to do the
follwoing > >access-list 101 permit tcp any any eq 80 > >route-map
http_traffic permit 10 > >match ip address 101 > >set next-hop
10.10.10.141 > >route-map nttp_traffic permit 20 > >! > >int fa2/0 > >ip
policy route-map http_traffic > > > > >From:
"[EMAIL PROTECTED]" >Greetings, > >Need help with a >route-map
question. I need to force all http traffic >to go to >10.10.10.141
address, does my config below allow me to do just >that? > > >
>access-list extended 101 permit tcp any host 10.10.10.141 eq 80 >
>access-list extended 101 permit ip any any > >route-map http_traffic
>permit 10 > match ip address 101 > >int fa2/0 (10.10.10.141 address is
>behind this interface) >ip policy route-map http_traffic > >
>Thanks...Nabil > >"I have never let my schooling interfere
>misconduct and Nondisclosure violations to [EMAIL PROTECTED] >
>
> >Join the worlds largest e-mail service with MSN Hotmail. Click Here >
misconduct and Nondisclosure violations to [EMAIL PROTECTED]



Join the worlds largest e-mail service with MSN Hotmail. Click Here




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=54979&t=54910
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Route-map question (urgent) [7:54910]

2002-10-06 Thread Greg Reaume


Yasser,

I agree, everyone should be conscious that any advice received through a
source such as this, although quite skilled, can only be advice given based
on the information one has provided.  This advice is only as accurate and
comprehensive as one's presented question or scenario.

About the postings, I know that I use Outlook Express through Outlook (news
button), and I do see the postings that I make in each thread.  However, I
can only choose to either post to thread, or reply directly to sender.  If I
want to do both I must manually add the destinations to the message.

Greg Reaume


""YASSER ALY""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
Greg,

  Thank you for what you have said. My suggestions were based on the
scenario that Nabil mentioned. Being the fact that his real life scenario
is different that what he said fall under his attention to consider. It's
just something to give some light for him but you do have a point that he
should read more before considering doing something he never did before.

BTW, is it normal that somebody's postings to the list not to be sent to
his e-mail. Eachtime I send to the list either a question or a reply I
don't get a clue that it has been received until someone like you replies
quoting what I have said,

Regards,

Yasser

>From: "Greg Reaume" >Yasser, > >Be careful here... you don't know if the
only segment for which he wants >HTTP redirected is the one connected via
fa2/0, there may be more. Offering >a solution without knowing all his
requirements will just lead him into >deeper confusion. > > >Nabil, >
>The best way to find your answer is to go and learn this thoroughly for
>yourself. And as always, never put yourself in a position where you are
>urgently required to do something you've never done without a lifeline
setup >prior to your need. No manager that I have worked with has ever
blamed >someone for saying, "I've never done that before and I'd feel
more >comfortable taking some time to understand it". If the need is that
urgent >that there is no time to spare, you should be able to call TAC
under your >service contract, right? :) > >Good luck. > >Greg Reaume > >
>""YASSER ALY"" wrote in message
>[EMAIL PROTECTED]">news:[EMAIL PROTECTED]... >No, you need to do the
follwoing > >access-list 101 permit tcp any any eq 80 > >route-map
http_traffic permit 10 > >match ip address 101 > >set next-hop
10.10.10.141 > >route-map nttp_traffic permit 20 > >! > >int fa2/0 > >ip
policy route-map http_traffic > > > > >From:
"[EMAIL PROTECTED]" >Greetings, > >Need help with a >route-map
question. I need to force all http traffic >to go to >10.10.10.141
address, does my config below allow me to do just >that? > > >
>access-list extended 101 permit tcp any host 10.10.10.141 eq 80 >
>access-list extended 101 permit ip any any > >route-map http_traffic
>permit 10 > match ip address 101 > >int fa2/0 (10.10.10.141 address is
>behind this interface) >ip policy route-map http_traffic > >
>Thanks...Nabil > >"I have never let my schooling interfere
>misconduct and Nondisclosure violations to [EMAIL PROTECTED] >
>
> >Join the worlds largest e-mail service with MSN Hotmail. Click Here >
misconduct and Nondisclosure violations to [EMAIL PROTECTED]



Join the worlds largest e-mail service with MSN Hotmail. Click Here




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=54981&t=54910
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Route-map question (urgent) [7:54910]

2002-10-07 Thread Stefan Razeshu


I think the response for this question is:

The access list:
access-list 101 permit tcp any eq www any
!-you need to detect your incoming www traffic.
!-You can use also your network address for the first "any".
!-route map statement
route-map http_access permit 10
match ip address 101
set ip next-hop 10.10.10.141

The policy map statement need to be place on the interface that is facing
your network not to the interface near by the host 10.10.10.141.
Regards,
Stefan

PS. I think we need to help each other not to give life lessons.
It is a Cisco study list not the church.



Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=54994&t=54910
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Route-map question (urgent) [7:54910]

2002-10-07 Thread Stefan Razeshu


Sorry..the access-list is not corect.
Should be:
 access-list 101 permit tcp any any eq 80
Regards
Stefan


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=55004&t=54910
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Route-map question (urgent) [7:54910]

2002-10-07 Thread Harold Monroe


This is something I've been wondering about also. As I understand it when
you "set ip next-hop" it forces the packet to go out a particular interface.

How about if you want the destination address changed for a particular type
of traffic so HTTP traffic goes to an HTTP server and FTP to an FTP server.

For example, if you have only one Public IP Address and if HTTP comes in you
want its destination address changed to 192.168.1.10, if FTP change its
destination address to 192.168.1.20

-Original Message-
From:   Stefan Razeshu [mailto:[EMAIL PROTECTED]]
Sent:   Monday, October 07, 2002 4:16 AM
To: [EMAIL PROTECTED]
Subject:        Re: Route-map question (urgent) [7:54910]

I think the response for this question is:

The access list:
access-list 101 permit tcp any eq www any
!-you need to detect your incoming www traffic.
!-You can use also your network address for the first "any".
!-route map statement
route-map http_access permit 10
match ip address 101
set ip next-hop 10.10.10.141

The policy map statement need to be place on the interface
that is facing
your network not to the interface near by the host
10.10.10.141.
Regards,
Stefan

PS. I think we need to help each other not to give life
lessons.
It is a Cisco study list not the church.
[EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=55011&t=54910
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Route-map question (urgent) [7:54910]

2002-10-07 Thread Jim Brown

Port Address Translation.

-Original Message-
From: Harold Monroe [mailto:[EMAIL PROTECTED]] 
Sent: Monday, October 07, 2002 10:56 AM
To: [EMAIL PROTECTED]
Subject: RE: Route-map question (urgent) [7:54910]

This is something I've been wondering about also. As I understand it
when
you "set ip next-hop" it forces the packet to go out a particular
interface.

How about if you want the destination address changed for a particular
type
of traffic so HTTP traffic goes to an HTTP server and FTP to an FTP
server.

For example, if you have only one Public IP Address and if HTTP comes in
you
want its destination address changed to 192.168.1.10, if FTP change its
destination address to 192.168.1.20

-Original Message-
From:   Stefan Razeshu [mailto:[EMAIL PROTECTED]]
Sent:   Monday, October 07, 2002 4:16 AM
To: [EMAIL PROTECTED]
Subject:        Re: Route-map question (urgent)
[7:54910]

I think the response for this question is:

The access list:
access-list 101 permit tcp any eq www any
!-you need to detect your incoming www traffic.
!-You can use also your network address for the first
"any".
!-route map statement
route-map http_access permit 10
match ip address 101
set ip next-hop 10.10.10.141

The policy map statement need to be place on the
interface
that is facing
your network not to the interface near by the host
10.10.10.141.
Regards,
Stefan

PS. I think we need to help each other not to give life
lessons.
It is a Cisco study list not the church.
[EMAIL PROTECTED]

Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=55012&t=54910
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Route-map question (urgent) [7:54910]

2002-10-07 Thread Greg Reaume


That is something that you could do using NAT statements (port address
translation/port forwarding/network address port translation, etc.):

!
int fa0/0
 desc external interface
 ! ip below used as an example, I apologize if it, although unlikely,
matches anyone's config.
 ip add 216.253.64.2 255.255.255.252
 ip nat outside
!
int fa0/1
 desc internal interface
 ip add 192.168.1.1 255.255.255.0
 ip nat inside
!
ip nat inside source static tcp 192.168.1.10 80 216.253.64.2 80
ip nat inside source static tcp 192.168.1.20 21 216.253.64.2 21
!

Of course, if this router is acting in this fashion when it comes to NAT, it
would be assumed that it will also run the firewall feature-set and be
secured appropriately.  You would have to permit this particular traffic in
your external access-lists.

HTH

Greg Reaume


""Harold Monroe""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
This is something I've been wondering about also. As I understand it when
you "set ip next-hop" it forces the packet to go out a particular interface.

How about if you want the destination address changed for a particular type
of traffic so HTTP traffic goes to an HTTP server and FTP to an FTP server.

For example, if you have only one Public IP Address and if HTTP comes in you
want its destination address changed to 192.168.1.10, if FTP change its
destination address to 192.168.1.20

-Original Message-
From: Stefan Razeshu [mailto:[EMAIL PROTECTED]]
Sent: Monday, October 07, 2002 4:16 AM
To: [EMAIL PROTECTED]
Subject: Re: Route-map question (urgent) [7:54910]

I think the response for this question is:

The access list:
access-list 101 permit tcp any eq www any
!-you need to detect your incoming www traffic.
!-You can use also your network address for the first "any".
!-route map statement
route-map http_access permit 10
match ip address 101
set ip next-hop 10.10.10.141

The policy map statement need to be place on the interface
that is facing
your network not to the interface near by the host
10.10.10.141.
Regards,
Stefan

PS. I think we need to help each other not to give life
lessons.
It is a Cisco study list not the church.
[EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=55065&t=54910
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Route-map question (urgent) [7:54910]

Re: Route-map question (urgent) [7:54910]

Re: Route-map question (urgent) [7:54910]

Re: Route-map question (urgent) [7:54910]

Re: Route-map question (urgent) [7:54910]

Re: Route-map question (urgent) [7:54910]

Re: Route-map question (urgent) [7:54910]

Re: Route-map question (urgent) [7:54910]

Re: Route-map question (urgent) [7:54910]

RE: Route-map question (urgent) [7:54910]

RE: Route-map question (urgent) [7:54910]

Re: Route-map question (urgent) [7:54910]

12 matches

Site Navigation

Mail list logo

Footer information